Описание
An integer overflow flaw was found in rpm which can allow undefined behavior. The highest threat from this vulnerability is to data confidentiality, availability and integrity.
Отчет
Red Hat Product Security does not consider this to be a vulnerability. The value is not stored and the check sufficiently catches any errant values.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | rpm | Out of support scope | ||
| Red Hat Enterprise Linux 7 | rpm | Not affected | ||
| Red Hat Enterprise Linux 8 | rpm | Not affected | ||
| Red Hat Enterprise Linux 9 | rpm | Not affected |
Показывать по
10
Дополнительная информация
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=1927740rpm: integer overflow in hdrblobVerifyRegion() in lib/header.c
0 Low
CVSS3
Связанные уязвимости
ubuntu
больше 4 лет назад
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
nvd
больше 4 лет назад
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
0 Low
CVSS3